$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/bf3aefd7-144a-4210-8532-a7b6e0533dd6.roa File: bf3aefd7-144a-4210-8532-a7b6e0533dd6.roa (raw, json) Hash identifier: s1UNMW50CQt8UkzH76grtNnGYvdQjSB3f0/INnZPnNg= Subject key identifier: 68:B9:BE:23:ED:DE:4F:2D:E6:E6:51:03:7A:6B:C6:C1:5D:76:E2:A2 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 64E6DD00B926051CD613457471B6560F88BDEEBE Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/bf3aefd7-144a-4210-8532-a7b6e0533dd6.roa Signing time: Mon 16 Jun 2025 19:20:10 +0000 ROA not before: Mon 16 Jun 2025 19:20:10 +0000 ROA not after: Mon 21 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f0fb:e700::/42 maxlen: 42 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Wed 02 Jul 2025 22:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:e6:dd:00:b9:26:05:1c:d6:13:45:74:71:b6:56:0f:88:bd:ee:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Jun 16 19:20:10 2025 GMT Not After : Jul 21 23:59:59 2025 GMT Subject: serialNumber=24a2745e822a939a3c968230a5d1740d335321618a43aee653c58e20b6371bc8, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:bb:d5:48:06:20:93:b0:0d:f8:bc:84:0f:2f: db:7c:30:aa:30:dc:f9:23:10:64:41:6c:88:7b:fb: 96:20:be:5f:da:22:93:e2:0f:c1:e0:cf:da:4a:13: 87:b7:eb:c3:04:b0:4a:86:f3:d7:a1:ee:b0:d6:8e: af:ba:7c:4b:fa:8d:55:a8:ff:cb:94:23:c4:cc:b1: 1c:4a:82:e6:45:e7:2c:6a:43:d6:43:c8:d0:90:0b: 74:56:73:a8:1f:6b:87:ff:3d:8d:b6:e1:56:23:33: c6:38:d2:57:95:cd:91:02:db:53:5d:08:02:3e:78: c2:f7:e1:80:09:90:01:ad:52:92:4d:0d:e7:0c:54: ed:c9:2b:18:71:ad:41:a3:58:27:17:1b:78:4d:93: 29:01:92:59:cf:9c:6e:54:fd:c6:47:f3:c8:61:4c: f1:fe:51:78:7b:a6:1c:93:9c:05:a3:fc:f5:15:7b: ce:96:58:ca:79:1d:8c:e3:c3:94:6f:87:06:e5:01: 7b:5a:61:b8:3b:d2:75:0a:99:02:61:c6:c9:7e:3a: 11:f5:50:8d:b1:8c:af:61:4e:fe:04:91:e5:0a:6c: b8:38:78:ca:1d:2f:7d:db:f1:0d:18:9c:e0:8d:58: 5a:58:d5:8e:bc:5b:42:ba:9a:89:51:c3:c0:c5:57: cb:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:B9:BE:23:ED:DE:4F:2D:E6:E6:51:03:7A:6B:C6:C1:5D:76:E2:A2 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/bf3aefd7-144a-4210-8532-a7b6e0533dd6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0fb:e700::/42 Signature Algorithm: sha256WithRSAEncryption 05:1c:0d:d6:c2:4c:61:49:dc:ae:80:b9:3f:ec:9e:a7:2f:74: 30:99:ee:56:74:f1:0e:e9:ea:eb:70:53:07:1c:8d:e2:9d:a0: 63:53:bb:83:86:70:71:bd:bf:6d:f3:37:30:f6:d7:7a:9d:15: 64:c9:78:fa:3c:26:75:65:02:db:90:a7:8a:72:0b:fc:7c:fb: d1:c0:e1:ec:37:72:27:d2:77:b6:42:e7:ce:ed:fd:3b:90:df: 88:a1:7b:4b:f8:e7:cc:6a:e0:94:f8:b9:f3:93:b2:9c:06:c1: f5:7a:97:1c:96:bf:44:04:b8:96:05:08:04:12:b3:87:4a:13: 33:e5:ba:7d:d6:cd:8a:10:e5:92:04:15:0c:70:a2:8b:fb:c4: 94:e8:0d:b4:8a:bc:9a:52:c9:68:3e:51:91:cc:92:db:99:b3: c4:80:79:ad:39:ae:e2:ef:6b:17:f8:9f:c8:90:97:e1:59:46: 93:4e:ac:52:b4:04:49:de:fa:f8:56:77:60:d1:2e:42:5a:90: a1:58:b5:3d:a0:da:55:b3:01:5c:00:f1:2b:78:ce:b9:36:1e: b0:46:1a:2d:85:b7:44:32:cd:e0:82:b8:5a:fe:35:c2:71:b8: 61:be:6e:99:9b:da:bf:3e:f8:2f:6c:9a:b4:13:d8:dc:a1:2a: 71:99:6c:5c -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUZObdALkmBRzWE0V0cbZWD4i97r4wDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNjE2MTkyMDEwWhcNMjUwNzIxMjM1OTU5 WjB6MUkwRwYDVQQFE0AyNGEyNzQ1ZTgyMmE5MzlhM2M5NjgyMzBhNWQxNzQwZDMz NTMyMTYxOGE0M2FlZTY1M2M1OGUyMGI2MzcxYmM4MS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDQu9VIBiCTsA34vIQPL9t8MKow3PkjEGRBbIh7+5Ygvl/a IpPiD8Hgz9pKE4e368MEsEqG89eh7rDWjq+6fEv6jVWo/8uUI8TMsRxKguZF5yxq Q9ZDyNCQC3RWc6gfa4f/PY224VYjM8Y40leVzZEC21NdCAI+eML34YAJkAGtUpJN DecMVO3JKxhxrUGjWCcXG3hNkykBklnPnG5U/cZH88hhTPH+UXh7phyTnAWj/PUV e86WWMp5HYzjw5RvhwblAXtaYbg70nUKmQJhxsl+OhH1UI2xjK9hTv4EkeUKbLg4 eModL33b8Q0YnOCNWFpY1Y68W0K6molRw8DFV8txAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUaLm+I+3eTy3m5lEDemvGwV124qIwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2L2JmM2FlZmQ3LTE0NGEtNDIxMC04NTMyLWE3YjZlMDUzM2RkNi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwYmAPD75wAwDQYJKoZIhvcNAQELBQADggEBAAUcDdbCTGFJ3K6AuT/snqcv dDCZ7lZ08Q7p6utwUwccjeKdoGNTu4OGcHG9v23zNzD213qdFWTJePo8JnVlAtuQ p4pyC/x8+9HA4ew3cifSd7ZC587t/TuQ34ihe0v458xq4JT4ufOTspwGwfV6lxyW v0QEuJYFCAQSs4dKEzPlun3WzYoQ5ZIEFQxwoov7xJToDbSKvJpSyWg+UZHMktuZ s8SAea05ruLvaxf4n8iQl+FZRpNOrFK0BEne+vhWd2DRLkJakKFYtT2g2lWzAVwA 8St4zrk2HrBGGi2Ft0QyzeCCuFr+NcJxuGG+bpmb2r8++C9smrQT2NyhKnGZbFw= -----END CERTIFICATE-----Generated at Tue Jul 1 16:05:19 2025 by rpki-client